Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win 7 BSoD as a result of Malware or virus?

Started by RobertH , Dec 20 2011 11:01 AM

  • Please log in to reply

#1
RobertH
Posted 20 December 2011 - 11:01 AM

RobertH

    Member

  • Member
  • PipPip
  • 19 posts
Hey everyone,

Rshaffer61 advised me to come seek help in this topic for a string of BSoD issues I've been having. (Original post here: Original topic
To sum up so far what is going on as quickly as possible: my old PSU died so I got a new one. Two weeks after getting a new one, I started encountering BSoD. After failing to remedy them for a couple weeks, I obtained new RAM and videocard. The problems persisted. It has now been 2-3 weeks after that, and it has only gotten worse. In trying to diagnose the problem, I deleted everything off my primary drive and reinstalled windows 7. The problem has persisted.

I would like to ensure there is no malware or viruses on my computer. I have and actively run Norton Antivirus 2012 (Which has been problematic these last few days after the new install). Please let me know if you can see anything wrong with the report from OTL, so I can move ahead with my issue. Thanks.

OTL logfile created on: 12/20/2011 8:41:51 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bahamut\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

16.00 Gb Total Physical Memory | 14.66 Gb Available Physical Memory | 91.62% Memory free
32.00 Gb Paging File | 30.63 Gb Available in Paging File | 95.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.43 Gb Total Space | 27.76 Gb Free Space | 37.29% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 218.26 Gb Free Space | 46.86% Space Free | Partition Type: NTFS
Drive F: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BAHAMUT-PC | User Name: Bahamut | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/20 08:33:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bahamut\Desktop\OTL.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccsvchst.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe -- (NAV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/18 23:09:14 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/09/26 16:38:11 | 001,084,024 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/08/08 15:38:05 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2011/08/02 18:22:10 | 000,729,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/08/02 18:22:10 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/07/25 18:18:39 | 000,401,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/25 18:18:35 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symds64.sys -- (SymDS)
DRV:64bit: - [2011/07/25 18:15:52 | 000,189,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/07/07 15:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011/12/20 08:27:36 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20111219.035\ex64.sys -- (NAVEX15)
DRV - [2011/12/20 08:27:36 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20111219.035\eng64.sys -- (NAVENG)
DRV - [2011/12/19 21:48:55 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/19 21:48:55 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/12/16 16:20:22 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20111219.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/12/10 02:24:18 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20111210.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B7 0F FD 52 1A BE CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\IPSFFPlgn\ [2011/12/18 23:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/18 23:15:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/12/18 23:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Extensions
[2011/12/18 23:17:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\07m9esjj.default\extensions
[2011/12/18 23:17:52 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\07m9esjj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/12/18 23:17:54 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\07m9esjj.default\extensions\{50a19f3e-ff10-48ec-b60c-5cf115796bf5}
[2011/12/18 23:29:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\vtqu0jwa.Old\extensions
[2011/12/18 23:29:25 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\vtqu0jwa.Old\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/12/18 23:29:26 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\vtqu0jwa.Old\extensions\{50a19f3e-ff10-48ec-b60c-5cf115796bf5}
[2010/01/06 22:35:37 | 000,004,554 | ---- | M] () -- C:\Users\Bahamut\AppData\Roaming\Mozilla\Firefox\Profiles\07m9esjj.default\searchplugins\aim-search.xml
[2011/12/18 23:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\ROBERT HROUDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07M9ESJJ.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
[2011/11/20 20:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/20 17:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/20 17:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E258D5CA-F94E-41DA-92E3-C96C4FB2EF36}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 01:29:38 | 000,000,122 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/20 08:33:52 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bahamut\Desktop\OTL.exe
[2011/12/20 00:32:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/12/20 00:27:23 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/12/20 00:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011/12/20 00:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011/12/19 22:25:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/12/19 21:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/12/19 21:47:00 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011/12/19 21:46:55 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011/12/19 08:40:13 | 000,061,440 | ---- | C] ( ) -- C:\Users\Bahamut\Desktop\VEW.exe
[2011/12/19 08:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2011/12/19 08:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync
[2011/12/19 08:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2011/12/19 08:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/12/19 08:32:17 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\Desktop\Microsoft Office XP PRO (word, excel, powerpoint, outlook, a
[2011/12/19 08:08:58 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/12/19 00:24:17 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\TS3Client
[2011/12/19 00:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/12/19 00:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011/12/19 00:06:50 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\riotsGamesLogs
[2011/12/19 00:06:36 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\LolClient
[2011/12/18 23:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/12/18 23:55:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/12/18 23:51:38 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Macromedia
[2011/12/18 23:51:38 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Adobe
[2011/12/18 23:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2011/12/18 23:51:14 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Yahoo!
[2011/12/18 23:51:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/12/18 23:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2011/12/18 23:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/12/18 23:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2011/12/18 23:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
[2011/12/18 23:48:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW
[2011/12/18 23:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/12/18 23:30:31 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/12/18 23:30:31 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/12/18 23:16:10 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Mozilla
[2011/12/18 23:16:10 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Local\Mozilla
[2011/12/18 23:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/12/18 23:10:29 | 001,084,024 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symefa64.sys
[2011/12/18 23:10:29 | 000,729,720 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtsp64.sys
[2011/12/18 23:10:29 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symds64.sys
[2011/12/18 23:10:29 | 000,401,016 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symnets.sys
[2011/12/18 23:10:29 | 000,189,560 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ironx64.sys
[2011/12/18 23:10:29 | 000,167,048 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ccsetx64.sys
[2011/12/18 23:10:29 | 000,037,496 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtspx64.sys
[2011/12/18 23:10:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A
[2011/12/18 23:09:59 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\Documents\Symantec
[2011/12/18 23:09:14 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/18 23:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/12/18 23:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/12/18 23:08:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2011/12/18 23:08:55 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2011/12/18 23:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2011/12/18 23:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/12/18 23:08:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/12/18 23:07:07 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/12/18 23:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/12/18 22:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/12/18 22:46:57 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/12/18 22:29:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/12/18 22:29:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/12/18 21:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/12/18 21:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/12/18 21:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/12/18 21:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/12/18 21:25:19 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/12/18 21:25:19 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Searches
[2011/12/18 21:25:19 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/12/18 21:25:19 | 000,000,000 | -H-D | C] -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/12/18 21:25:11 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Identities
[2011/12/18 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Contacts
[2011/12/18 21:25:06 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Local\VirtualStore
[2011/12/18 21:25:02 | 000,000,000 | --SD | C] -- C:\Users\Bahamut\AppData\Roaming\Microsoft
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Videos
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Saved Games
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Pictures
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Music
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Links
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Favorites
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Downloads
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Documents
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\Desktop
[2011/12/18 21:25:02 | 000,000,000 | R--D | C] -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\AppData\Local\Temporary Internet Files
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Templates
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Start Menu
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\SendTo
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Recent
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\PrintHood
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\NetHood
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Documents\My Videos
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Documents\My Pictures
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Documents\My Music
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\My Documents
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Local Settings
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\AppData\Local\History
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Cookies
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\Application Data
[2011/12/18 21:25:02 | 000,000,000 | -HSD | C] -- C:\Users\Bahamut\AppData\Local\Application Data
[2011/12/18 21:25:02 | 000,000,000 | -H-D | C] -- C:\Users\Bahamut\AppData
[2011/12/18 21:25:02 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Local\Temp
[2011/12/18 21:25:02 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Local\Microsoft
[2011/12/18 21:25:02 | 000,000,000 | ---D | C] -- C:\Users\Bahamut\AppData\Roaming\Media Center Programs
[2011/12/18 21:24:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/12/18 20:48:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/12/18 20:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/12/18 20:45:39 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/12/18 20:44:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther

========== Files - Modified Within 30 Days ==========

[2011/12/20 08:40:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/20 08:40:34 | 670,649,860 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/20 08:40:25 | 4294,320,126 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/20 08:35:57 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/20 08:35:57 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/20 08:35:57 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/20 08:33:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bahamut\Desktop\OTL.exe
[2011/12/20 08:29:10 | 000,018,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/20 08:29:10 | 000,018,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/20 08:08:11 | 000,285,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/20 01:03:40 | 001,671,877 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\Cat.DB
[2011/12/20 00:28:53 | 000,054,210 | ---- | M] () -- C:\Users\Bahamut\Desktop\hwmon 1.PNG
[2011/12/19 08:51:22 | 000,000,017 | ---- | M] () -- C:\Users\Bahamut\AppData\Local\resmon.resmoncfg
[2011/12/19 08:40:15 | 000,061,440 | ---- | M] ( ) -- C:\Users\Bahamut\Desktop\VEW.exe
[2011/12/19 08:35:01 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/12/19 08:34:43 | 000,001,999 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/12/19 00:23:03 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/12/18 23:57:48 | 000,000,517 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/12/18 23:51:07 | 000,001,165 | ---- | M] () -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/18 23:51:07 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011/12/18 23:48:57 | 000,000,939 | ---- | M] () -- C:\Users\Bahamut\Desktop\SIW.lnk
[2011/12/18 23:15:58 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/18 23:12:15 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011/12/18 23:10:38 | 000,004,782 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\VT20111023.024
[2011/12/18 23:09:14 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/18 23:09:14 | 000,007,530 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/18 23:09:14 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/18 22:49:11 | 000,001,441 | ---- | M] () -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/18 22:15:52 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/18 22:15:52 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/18 20:49:24 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/12/18 20:49:24 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2011/12/20 00:28:53 | 000,054,210 | ---- | C] () -- C:\Users\Bahamut\Desktop\hwmon 1.PNG
[2011/12/19 21:47:25 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011/12/19 21:46:52 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011/12/19 21:46:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011/12/19 21:46:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011/12/19 21:46:41 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011/12/19 08:51:22 | 000,000,017 | ---- | C] () -- C:\Users\Bahamut\AppData\Local\resmon.resmoncfg
[2011/12/19 08:35:01 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/12/19 08:34:43 | 000,001,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/12/19 08:34:42 | 000,002,655 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
[2011/12/19 08:34:42 | 000,002,625 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
[2011/12/19 08:34:41 | 000,002,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
[2011/12/19 08:34:36 | 000,002,611 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
[2011/12/19 08:34:35 | 000,002,657 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
[2011/12/19 08:34:33 | 000,002,623 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
[2011/12/19 08:30:03 | 414,281,551 | ---- | C] () -- C:\Users\Bahamut\Desktop\Microsoft Office XP PRO (word, excel, powerpoint, outlook, a.zip
[2011/12/19 08:08:41 | 670,649,860 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/12/19 00:23:03 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/12/18 23:57:48 | 000,000,517 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/12/18 23:51:07 | 000,001,165 | ---- | C] () -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/18 23:51:07 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011/12/18 23:48:57 | 000,000,939 | ---- | C] () -- C:\Users\Bahamut\Desktop\SIW.lnk
[2011/12/18 23:15:57 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/18 23:15:56 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/18 23:11:41 | 001,671,877 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\Cat.DB
[2011/12/18 23:10:46 | 000,004,782 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\VT20111023.024
[2011/12/18 23:10:29 | 000,007,510 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ccsetx64.cat
[2011/12/18 23:10:29 | 000,007,504 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtspx64.cat
[2011/12/18 23:10:29 | 000,007,502 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symefa64.cat
[2011/12/18 23:10:29 | 000,007,500 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtsp64.cat
[2011/12/18 23:10:29 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symds64.cat
[2011/12/18 23:10:29 | 000,007,492 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\iron.cat
[2011/12/18 23:10:29 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symnet64.cat
[2011/12/18 23:10:29 | 000,003,433 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symefa.inf
[2011/12/18 23:10:29 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symds.inf
[2011/12/18 23:10:29 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symnet.inf
[2011/12/18 23:10:29 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtsp64.inf
[2011/12/18 23:10:29 | 000,001,420 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtspx64.inf
[2011/12/18 23:10:29 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ccsetx64.inf
[2011/12/18 23:10:29 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\iron.inf
[2011/12/18 23:10:27 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\isolate.ini
[2011/12/18 23:09:14 | 000,007,530 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/18 23:09:14 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/18 23:09:08 | 000,002,397 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011/12/18 22:49:11 | 000,001,441 | ---- | C] () -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/18 22:15:52 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/18 22:15:52 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/18 21:25:23 | 000,001,413 | ---- | C] () -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/12/18 21:25:21 | 000,001,447 | ---- | C] () -- C:\Users\Bahamut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/18 21:25:02 | 000,000,290 | ---- | C] () -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/18 21:25:02 | 000,000,272 | ---- | C] () -- C:\Users\Bahamut\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/18 20:49:12 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/12/18 20:49:09 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/12/18 20:45:39 | 4294,320,126 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/12/19 00:06:36 | 000,000,000 | ---D | M] -- C:\Users\Bahamut\AppData\Roaming\LolClient
[2011/12/20 00:25:56 | 000,000,000 | ---D | M] -- C:\Users\Bahamut\AppData\Roaming\TS3Client
[2009/07/13 21:08:49 | 000,008,464 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP